Exhibit B 



Johnson I text compared to 
U.S. Patent No. 6,449,108 
(Appl. No. 09/239,435) 



REFERENCE TO PENDING APPLICATIONS 

[0001] This application is a continuation-in-part of (a) U.S. patent application Ser. No. 
09/239,425 entitled "A Secure Electronic Mail System" filed on Jan. 28, 1999 and (b) 
Ser. No. 09/255,837 entitled "Method For Information Encoding And Transfer" filed on 
Feb. 23, 1999 which are continuation-in-part applications of co-pending U.S. patent 
application Ser. No. 08/892,982, filed Jul. 1 5, 1997, and entitled "Combined Remote 
Access and Security System"; which is a continuation-in-part of U.S. patent application 
Ser. No. 08/752,249, filed Nov. 19, 1996, and entitled "Combined Remote Access and 
Security System". 

REFERENCE TO MICROFICHE APPENDIX 

("00021 This application is not referenced in any microfiche appendix. 

TECHNICAL FIELD OF THE INVENTION 

[00031 The invention relates generally to a data processing system, method and article of 
manufacture allowing for the dynamic reconfiguration of an input/output device 
controller. In particular, the present invention relates to a computer-based system, method 
and article of manufacture which supports and facilitates a remote configuration and 
utilization of an emulated input/output device controller via encrypted data 
communication between a plurality of users and said controller. 

BACKGROUND OF THE INVENTION 

1 . Fi e ld of the Inv e ntion 

Th e pr e s e nt inv e ntion is dir e ct e d to an apparatus and m e thod for a s e cur e e l e ctronic mail 
communication syst e m. Mor e particularly, the inv e ntion is dir e ct e d for us e in 
communicating over n e tworks wh e r e s e cur e information e xchang e is r e quir e d. Th e 
inv e ntion has utility in applications such as p e rson to p e rson communication ov e r 
n e twork syst e ms, communications ov e r th e Int e rn e t, int e rbusin e ss n e twork 
communication s wh e r e se curity is r e quir e d, and th e lik e . 

2. Prior Art 

Th e us e of k e ys for s e cur e communications is w e ll known. S e cur e communication 
syst e ms, as w e ll as k e y sy s t e m s , ar e s hown in U.S. Pat. No. 4 ,182,933, issu e d to 
Rosenblum on Jan. 8, 1980, e ntitl e d "Secur e Communication Syst e m With R e mot e K e y 
S e tting"; U.S. Pat. No. 4,310,720, issued to Chock, Jr. on Jan. 12, 1982; e ntitl e d 
"Comput e r Acc e ssing System"; U.S. Pat. No. 4 ,578,531, issu e d to Ev e rhart e t ah, on 
Mar. 25, 1986, e ntitled "Encryption Syst e m Key Distribution M e thod and Apparatus"; 
U.S. Pat. No. 4,965,804, issued to Trbovich et al. on Oct. 23, 1990, e ntitl e d "Key 
Manag e m e nt for Encrypt e d Pack e t Bas e d Networks"; U.S. Pat. No. 5,20 4 ,961, issu e d to 
Barlow on Apr. 20, 1993, entitl e d "Comput e r N e twork Operating With Multi L e v e l 



Hi e rarchial S e curity With S e l e ctabl e Common Trust R e alms and Corresponding S e curity 
Protocol s "; and U.S. Pat. No, 5,416,8 4 2, issued to Aziz on May 16, 1995 e ntitl e d 
"M e thod and Apparatus For Key Management Sch e m e For Us e With Int e rn e t Protocols 
At Sit e Fir e walls". 

U.S. Pat. No. 4 ,182,933, issu e d to Ros e nblum on Jan. 8, 1980, discuss e s a "S e cur e 
Communication Syst e m With R e mot e Key Setting". Th e Rosenblum '933 patent 
describes a syst e m wher e in a first subscriber communicates with a k e y di s tribution center 
to g e t an updated key to initiat e s e cur e communications with a s e cond subscrib e r. An 
ov e rview of th e syst e m shows that th e user dials a t e l e phon e numb e r into th e first 
subscribing unit. Th e first subscribing unit then places th e t e l e phon e number into 
temporary memory storage. Th e first subscriber then retri e v e s its initial call e r variabl e 
from m e mory and plac e s it into a k e y g e n e rator. Th e first subscrib e r th e n retri e ves th e 
numb e r of th e k e y distribution c e nt e r (KDC) from its m e mory and dials th e numb e r. 
Once a conn e ction has b ee n establi s hed the first subscriber s e nds it s caller ID as well as 
the call e r ID of the telephone number being called to the KDC. This information is not 
y e t transmitted in a s e cure mann e r. 

Onc e th e KDC has r e ceiv e d the information from the fir s t subscriber, th e KDC looks up 
th e call e r variabl e for both the first subscrib e r and for the telephone number being called. 
Th e KDC th e n g e n e rates a new call e r variable for th e first t e l e phon e numb e r. Th e KDC 
th e n transmits th e call e r variabl e for th e numb e r b e ing call e d, a n e w call e r variabl e for 
th e first subscrib e r, using a s e cur e transmi s sion controll e d by th e initial call e r variabl e . If 
this tran s mission is succ e ssful, then the KDC will replac e the old caller variabl e in its 
tabl e format with a n e w caller variable and break the connection. 

Once the first subscrib e r has r e ceiv e d and deciph e red th e call e r variabl e for the number to 
b e call e d and its n e w k e y call e r variable, it will r e plac e th e old and us e d initial call e r 
variabl e k e y with th e n e w call e r variabl e k e y. Th e first subscrib e r will th e n s e nd th e k e y 
for th e numb e r to be call e d to th e k e y g e n e rator, r e tri e v e th e t e l e phon e numb e r to b e 
call e d, and dial th e t e l e phone numb e r. Th e first subscrib e r will th e n transmit any 
information input by th e us e r to th e s e cond subscrib e r using th e s e cond subscrib e r k e y. 
Th e s e cond subscrib e r will r e c e iv e information that has b ee n e ncod e d with th e s e cond 
subscrib e r k e y and will d e cod e th e information and transfer it on to th e se cond us e r. In oil 
alt e rnativ e e mbodiment, aft e r th e phon e call betwe e n the first subscrib e r and s e cond 
subscrib e r, th e second subscrib e r will call and g e t a n e w k e y from th e KDC. In this 
alternativ e e mbodim e nt, both th e k e y for th e first subscrib e r and for th e s e cond subscrib e r 
will b e chang e d out on e v e ry t e l e phon e call. 

U.S. Pat. No. 1,310,720, issued to Check, Jr. on Jan. 12, 1982 discloses a "Computer 
Accessing Syst e m". Th e sp e cification disclos e s a m e thod for communicating b e tw ee n an 
access unit and a comput e r. Th e us e r e nt e rs his pa ss word into an input d e vic e which is 
connect e d to an acc e s s unit. Th e acc e ss unit g e n e rates a pseudo random acc e ss k e y from 
tho password that is e nt e red. Th e access unit th e n s e nds th e acc e ss unit numb e r and th e 
g e nerat e d acc e ss k e y to th e comput e r controll e r for acc e ss to th e comput e r syst e m. Th e 
computer controller receives th e acc e ss unit numb e r and acc e ss k e y. Th e comput e r 



controll e r th e n v e rifi e s th e acc e ss unit numb e r. If th e access unit numb e r is prop e rly 
v e rifi e d, th e comput e r controll e r will th e n compar e the acc e ss code to th e e xpected acces s 
cod e listed in a table in th e comput e r's memory. This expect e d access cod e i s g e nerated 
using a congru e nt ps e udo random d e coding algorthym. If the acc e ss key code and th e 
expect e d cod e match, th e n the comput e r controll e r will e stablish a link b e tw ee n th e 
acc e ss unit and th e comput e r. 

Th e access unit and the computer will talk through an encoded communication system. 
Both th e acc e ss unit and th e computer will us e a randomly g e n e rated e ncryption key for 
e ncoding and d e coding th e communication. This k e y is ind e p e nd e ntly gen e rat e d by both 
the acces s unit and th e computer and is not transmitt e d over th e access unit to comput e r 
link. After th e termination of th e call b e tween the acc e ss unit and the computer, th e 
computer will g e n e rat e and store th e n e xt access key numb e r for that particular acc e ss 

Uftttr 

U.S. Pat. No. 4,578,531 issued to Ev e rhart ct al. on Mar. 25, 1986 disclos e s an 
"Encryption System K e y Distribution M e thod and Apparatus". This system allows the 
s e cur e m e thod for communication b e tw ee n a t e rminal "A" and t e rminal "B" by using a 
r e mot e k e y distribution cent e r. An initial signal is s e nt from t e rminal "A" to t e rminal "B" 
to initiat e th e process of generating a secure communication line. T e rminal "A" then 
generat e s a n e w call s e t up k e y in pr e paration for communication with the k e y 
distribution c e nter, and a partial s e ssion key which will bo transmitted through the key 
distribution cent e r to t e rminal "B". T e rminal "A" then updat e s its v e rification information 
in preparation for communication with th e key distribution center. T e rminal "A" then 
initiat e s th e conn e ction with the k e y distribution c e nt e r to which it s e nds its t e rminal 
addr es s and th e t e rminal "B" address and an e ncrypt e d m e ssag e including th e two 
g e n e rated keys and the v e rification information. At this point, terminal "A" will wait for 
th e proc e ssing by the k e y distribution c e nt e r. 

The k e y distribution c e nt e r will r e ad th e addr e ss information from th e signal s e nt from 
t e rminal "A" and u s e this to acces s a d e cryption key previously s e nt in communication 
with t e rminal "A". Th e m e ssag e from t e rminal "A" will th e n b e d e crypt e d and th e 
v e rification information will b e updat e d. Th e k e y distribution c e nt e r will th e n g e n e rate a 
bidir e ctional asymm e tric e ncryption/de cryption key pair. Th e first part of this key pair 
will b e s e nt to terminal "A", and th e s e cond part of the key pair will b e s e nt to terminal 
"B". A similar communication will happ e n with t e rminal "B". 

Th e m e ssag e to t e rminal "A" will consist of a subsequ e nt call k e y for th e n e xt 
communication with a KDC, a partial s e ssion key which it r e c e ived from terminal "B", 
v e rification information, and two oth e r variables "Y" and "Q". Th e s e fiv e pi e ces of 
information will be e ncrypted using th e call set up koy for th e pr e s e nt communication 
with t e rminal "A" and th e information will b e transmitt e d to t e rminal "A". A similar 
encrypt e d m e ssag e will also bo sent to t e rminal "B" from th e KDC. 

T e rminal "A" will d e crypt th e m e ssag e from th e KDC and v e rify that th e information is 
corr e ct. T e rminal "A" will dien store th e n e w communication k e y for th e next 



communication with th e KDC, tak e down the chann e l to th e KDC, and establish a 
communication chann e l with t e rminal "B". A similar proc e ss will happ e n at t e rminal "B". 
At this point, t e rm i nal "A" and "B" will b o abl e to communicat e s e cur e ly using th e partial 
k e ys that wer e exchanged through the KDC. T e rminals "A" and "B" can th e n use a 
random numb e r and th e variabl e s "Y" and "Q" to cr e at e a n e w k e y which may b e us e d to 
communicat e s e cur e ly betw ee n t e rminals "A" and "B". By using th e variabl e s and a 
random numb e r to gen e rat e a n e w communication k e y, a secure communication 
encryption messag e may b e e mploy e d which cannot b e known by any outsid e rs to 
terminal "A" and "B", including th e KDC. 

U.S. Pat. No. 4,965,80 4 , issued to Trbovich ot al., on Oct. 23, 1990, discloses a "K o y 
Manag e ment For Encrypted Packet Based Networks". This method of k e y manag e ment 
us e s a k e y distribution c e nt e r for s e nding k e ys to r e mot e locations so that a s e cur e 
communication can b e mad e . Specifically, th e syst e m is d e sign e d to b e compatibl e with 
X.25 typ e pack e t switching networks. This compatibility r e quire s a balanced transmission 
which is implemented by a transpar e nt device b e twe e n the sourc e DTE and s e cond 
YDTE. Th e sourc e DTE sends a transmit r e qu e st to th e transpar e nt d e vic e which 
r e sponds with a dummy signal back to th e sourc e DTE. The transpar e nt d e vic e th e n 
contacts th e k e y managem e nt syst e m and obtains a k e y. A similar k e y is s e nt to the 
transparent d e vic e for th e second DTE. The tran s parent devices for th e first DTE and the 
s e cond DTE th e n e stablish a communication network with an encrypted signal transf e r, 
and finally th e sourc e DTE talks to th e s e cond DTE through th e transpar e nt d e vic e s and 
th e e ncrypt e d conn e ction. 

U.S. Pat. No. 5,204,961, issu e d to Barlow on Apr. 20, 1993, disclos e s a "Computer 
N e twork Rating With Multi L e v e l Hi e rarchial S e curity With S e l e ctabl e Common Trust 
R e alm s and Corresponding S e curity Protocols". Th e invention involv e s a method for 
s e tting up n e twork communications b e tw ee n two trust e d comput e r syst e ms. Each trust e d 
comput e r has a common s e t of protocols for th e prot e ction of data contain e d th e r e in. 
Thus, if a us e r for a trust e d comput e r syst e m att e mpts to s e nd data to a non trusted 
comput e r syst e m, th e n th e trust e d comput e r system will stop th e m e ssag e transf e r and 
will not allow th e communication to occur. This syst e m op e rat e s as a m e thod for two 
trust e d comput e rs to talk ov e r a n e twork which is not physically s e cur e against 
int e rlop e rs. Each comput e r that is a m e mb e r of a sp e cific trust r e alm e nforc e s a 
pr e d e fin e d se curity policy and d e fin e s security l e vels for the data contain e d within the 
comput e r. B e for e a trust e d comput e r transmits a specifi e d m e ssag e , th e trust e d comput e r 
ch e cks th e trust r e alm tabl e to v e rify that both th e transmitting and r e c e iving comput e rs 
ar e part of at l e ast on e common trust realm. If both computers ar e part of a common trust 
r e alm, th e n th e m e ssage will b e transferred using th e appropriat e protocol for that trust 
r e alm. If th e computers ar e not both m e mbers of the trust r e alm, th e n th e m e ssag e will 
not b e transmitt e d. Th e communication betwoon two trust e d comput e rs consists of a 
messag e which is transmitt e d as a protocol data unit w r hich includ e s a s e al e d v e rsion of 
th e m e ssag e , auth e nticat e d identifi e s for tho s ending s yst e m and us e r, th e message 
s e curity l e v e l lab e l, and an id e ntifi e r for the selected trust r e alm. Th e transmitt e d m e ssag e 
is th e n r e c e iv e d, process e d for validity and if valid, th e m e ssag e is proc e ss e d within th e 
r e ceiving comput e r. 



U.S. Pat. No. 5,116,8 4 2, issu e d to Aziz on May 16, 1995, disclos e s a "Method and 
Apparatus For Key Manag e m e nt Schem e For U se With Internet Protocols at Sit e 
Fir e walls". This syst e m consist s of s e parat e privat e n e tworks which communicat e ov e r an 
Int e rn e t typ e conn e ction through firewalls. A privat e n e twork "I" communicat e s through 
a firewall "A" to th e Int e rn e t wh e r e th e m e ssag e is transf e rred to fir e wall "B" and th e n 
decoded and sent on to another privat e n e twork "J". This allows privat e n e twork "I" and 
private n e twork "J" to communicate in a secur e e ncapsulated message whil e having 
fir e wall prot e ction. Th e inv e ntion b e gins with a sourc e nod e "I" s e nding a data gram to 
th e firewall "A". Fir e wall "A" has a s e cr e t valu e "SA" and a public valu e "PA". Similarly, 
fir e wall "B" is provid e d with a secr e t valu e "SB" and a public valu e "PB". In this manner 
both firewall "A" and fir e wall "B" can acquir e a shared secret value "SAB" without 
having to communicate. Th e communication is initiat e d by providing fir e wall "A" and 
fir e wall "B" with initial valu e s for all oth e r s e cur e fir e walls on th e n e twork. Fir e wall s 
"A" and "B M then us e se cr e t value "SAB" to create a k o y "KAB". The transmitting 
firewall then generates a random k e y "KP" which is used to encrypt the receiv e d data. 
Th e k e y "KP" and the e ncrypt e d data are th e n all e ncrypt e d by the public key "KAB" for 
transmission ov e r th e Intern e t. Fir e wall "B" will th e n us e k e y "KAB" to d e crypt th e 
message for the privat e k e y "KP" and d e crypt th e data that has b e en transmitted. In this 
mann e r th e transmitting firewall can constantly be changing the privat e key "KP" which 
incr e ases th e security of th e syst e m. 

The abov e describ e d key distribution and e ncryption syst e ms suff e r from the drawbacks 
of u s ing known communication pathways, having known addresses, and som e syst e m s 
e v e n transf e r s e cur e k e y information ov e r th e communication lin e s. 

Henc e , ther e is a n ee d for an improved communication m e thod which allow s for 
encrypted information transf e r to dynamic locations without transmitting th e k e ys ov e r 
th e communication lin e . 

[0004] The present invention provides for secured, real-time, configuration and 
utilization of an emulated input/output device controller. The instant invention advances 
the art by allowing its practice to be supported via an encrypted communications protocol 
interfacing with, and relying upon, the teachings, practices and claims disclosed in co- 
pending U.S. patent applications Ser. No. 09/239,425 and 09/255,837 (hereinafter 
synonymously referred to as "Secure Agent" or "SA"). 

[0005] Secure Agent Service Overview 

r00061 The following overview is provided to facilitate a comprehensive understanding 
of the teachings of the instant invention. Secure Agent utilizes a secure login sequence 
wherein a client connects to a Secure Agent server using a key known to both systems 
and a client connects and presents the server with user identification (as used herein the 
term "client" refers synonymously to a remote user establishing, and communicating with 
the instant invention through Secure Agent allocation and encryption processes as taught 
in the above noted applications). If recognized, die Secure Agent server initiates a 



protocol whereby the client's identification is verified and subsequent communication is 
conducted within a secured (encrypted) construct. For purposes of this overview, the term 
"server" should be considered a hardware configuration represented as a central 
processing unit wherein Secure Agent, a Host DLL and driver reside, and are executed. 
The term "DLL" as used herein refers to a Secure Agent host dynamically linked library 
(a.k.a. Host DLL). The term "DLL" or "dynamically linked library" is used in a manner 
consistent with that known to those skilled in the art. Specifically, the term "DLL" refers 
to a library of executable functions or data that can be used by a Windows application. As 
such, the instant invention provides for one or more particular functions and program 
access to such functions by creating a static or dynamic link to the DLL of reference, 
with "static links" remaining constant during program execution and "dynamic links" 
created by the program as needed. 

r0007] The Secure Agent server presents a variable unit of data, such as the time of day, 
to the client as a challenge. The client must then encrypt that data and supply it back to 
the server. If the server is able to decrypt the data using the stored client's key so that the 
result matches the original unencrypted challenge data, the user is considered 
authenticated and the connection continue. The key is never passed between the two 
systems and is therefore never at risk of exposure. 

r00081 The initial variable unit of data seeds the transmission of subsequent data so that 
the traffic for each client server session is unique. Further, each byte of data transmitted 
is influenced by the values of previously sent data. Therefore, the connection is secure 
across any communication passageway including public networks such as, but not limited 
to, the Internet. The distance between the client and server is not of consequence but is 
typically a remote connection. For accountability purposes, the actions of a client may be 
recorded (logged) to non-volatile storage at almost any detail level desired. 

f0009] The access rights of each client (what the client is able to accomplish during a 
session) is governed by data stored on the Secure Agent server to which the client is 
associated. As an example, such rights might encompass the ability to administer and 
utilize the services of the server system, which would, in turn, include capabilities such as 
adding new client users, changing a user's rights, transferring new code to the server, 
using a feature (or service) of the server and more. 

fOOl 0] Consequently, Secure Agent allows for the transmission of new code to the server 
and for that code to be implemented upon demand by a client. Such dynamic, real-time 
implementation in turn, allows for the behavior of the server to be modified. It is to this 
behavior modification the instant invention addresses its teachings, and thereby advances 
the contemporary art. 

TOPI 1] As will be readily appreciated by those skilled in the art, though the instant 
invention utilizes encryption/decryption and code recognition technology associated with 
Secure Agent, an alternati ve technology may be employed in support of the instant 
invention without departing from the disclosure, teachings and claims Additionally, th e r e 
r e mains a n ee d for a mechanism in which to log on to a comput e r syst e m s e cur e ly 



without passing password. presented herein. 
BRIEF SUMMARY OF THE INVENTION 

In accordanc e with th e pr e s e nt inv e ntion, an improved encod e d or e ncrypt e d m e thod for 
transf e rring information is provid e d which addresses th e drawbacks of th e prior art 
d e vic e s. 

In accordanc e with on e e mbodim e nt of the pr e sent inv e ntion a messag e is input to a first 
d e vic e which obtains a dynamic addr e ss from a first s e rv e r to allow for comi e ction to a 
s e cond s e rv e r. 

A furth e r e mbodim e nt of th e inv e ntion allows for transmitting the m e ssag e from th e first 
d e vic e to th e s e cond s e rver, r e c e iving th e m e ssage at th e s e cond serv e r, storing the 
m e ssage until transf e r to a s e cond device as requ e st e d, and then transmitting th e message 
to the second device from the second server. 

Anoth e r e mbodim e nt of the pr e s e nt inv e ntion allows for e ncoding th e m e ssag e b e for e it 
is input to the first device, and decoding th e message aft e r it has been r e ceived at the 
second device. 

Y e t anoth e r e mbodim e nt of th e pr e s e nt invention allows for multipl e s e rvers which can 
b e contact e d to obtain th e dynamic address of anoth e r s e rv e r. 

A still furth e r e mbodiment of the pr e s e nt invention us e s a r e mot e administrator to control 
acc e ss both to th e first s e rv e r for obtaining th e dynamic addr e ss e s, and to th e s e cond 
s e rv e r for mes s ag e transf e rs. 

In accordanc e with anoth e r e mbodim e nt of th e pres e nt inv e ntion, th e us e r acc e ss to th e 
s e cur e nam e s e rv e r is controlled by a r e mot e administrator which cr e at e s, authoriz e s and 
d e l e t e s valid us e r ID/password combinations. 

In accordanc e with anoth e r e xampl e of th e pr e s e nt inv e ntion, th e syst e m allows for an 
e l e ctronic mail transf e r b e tw e en two us e rs wh e r e a dir e ct communication b e tw ee n th e 
first us e r and s e cond u se r nev e r occurs. In this mann e r, two us e rs can communicat e 
without actually having a direct conn e ction which is d e t e ctabl e by oth e r parti e s. 

Th e principal object of th e pr e s e nt inv e ntion is to provid e an e asy to us e , prot e cted, 
e l e ctronic mail system for communication. 

Anoth e r obj e ct of th e pr e s e nt inv e ntion is to allow for th e e stablishment of multipl e 
e l e ctronic mail s e rv e rs for diff e r e nt us e r cat e gori e s. 

A still furth e r obj e ct of th e pr e s e nt inv e ntion is to provid e for a syst e m which can 
communication on both s e cur e and non s e cur e e l e ctronic mail s e rv e rs. 



Y e t anoth e r obj e ct of th e pr e s e nt inv e ntion is to provid e for a program which allows for 
automatic and imm e diate d e l e tion of el e ctronic mail messag e s onc e they hav e b ee n s e nt. 

Other objects and further scop e of th e applicability of th e present invention will become 
appar e nt from th e d e tail e d d es cription to follow, taken in conjunction with the 
accompanying drawings wh e rein lik e parts are designat e d by like refer e nc e numerals, 

DESCRIPTION OF THE DRAWINGS 

TOO 12] The present invention is best viewed as comprised of two server components with 
one or more client subcomponents or sub-processes disclosed in association thereto. It 
can be further conceptualized that a distinguishable client component exists for each 
emulated device type recognized by the invention's server, with an individual client 
supporting the simultaneous use of a plurality of client-side components. As used 
throughout the instant invention specification and claims, the term "server 11 is used 
synonymously with "emulated device controller", "server central processing unit", 
"server CPU", and "remotely configurable input/output device controller" and the term 
"client" is used synonymously with "host user", "client central processing unit", "client 
CPU" and "remote user". 

r0013] The invention's lower-most server component layer is a device driver to 
communicate directly with one or more hardware components attached to one or more 
computer systems, such as, but not limited to, mainframe computers (a.k.a. host 
processors). The driver controls the hardware in a manner prescribed by its design, 
causing it to interact with the other computer systems to which it is connected as if it 
were one or more device types (emulation). The driver additionally acts as a conduit to a 
higher level server component that governs the overall behavior of the emulated devices. 
This higher level component primarily supplies the driver with new data to provide 
through the emulated devices to the other computers to which it is connected and accepts 
data arriving to the emulated devices earned up by die device driver. Both layers 
predomoninantly operate on a device by device basis. The higher level server component, 
in turn, serves as the interface between Secure Agent technology and remotely connected 
clients allowing for the encrypted transmission of all data external to the server. 

[0014] Using the example of an IBM 3215 console, a cl ient would connect to a server 
and request a list of the 321 5 devices which shared membership to the user's security 
groups. The user would select a device and a logical pathway from the mainframe 
computer to the client's system would become established. The client would 
communicate through the server layers with the end result of messages transported from a 
mainframe through an emulated device to the client for presentation within a window on 
a computer screen. Conversely, commands to the mainframe may be issued at the client's 
workstation and are transported through to the emulated device then through it to the 
mainframe. 

["00151 Just as a client might have the ability to administer users (i.e. add/remove), a 
client might be able to modify the presence and behavior of emulated devices, via Secure 



Agent administrative functions as taught by the afore noted pending patent applications. 
Allowable configuration ranges and values are verified and enforced according to rules 
by the server. The various data elements that may be controlled are listed at the bottom of 
this section. The server disallows modification of the active configuration (apart from 
device names and their security groups) and forces such modifications to be made to an 
inactive configuration. This inactive configuration maybe swapped with the active 
configuration (thus activating it) upon demand. Thus, a new configuration may be 
prepared prior to a decision made to put it into effect. Additional control functionality 
includes but is not limited to the following: 

TOO 161 Recycling an adaptor that is connected to an external computer system. This is 
commonly referred to as a Power On Reset or, more simply, a POR. 

r00171 Viewing which users are connected to which devices. 

("0018] Disconnecting a client user from a device to which he is connected. 

[0019] Activating an inactive configuration. 

r00201 Copying the active configuration to the inactive configuration in order to make 
changes based upon the active configuration. 

[0021] Purging the inactive configuration in order to start fresh. 

[0022] Consequently it is an object of the instant invention to provide for remote control, 
operation and use of a server Central Processing Unit (CPU). 

[00231 A further object of the instant invention is to provide for a secured logon sequence 
utilizing encrypted data transmission in accordance with the teachings, disclosure and 
claims of the above noted pending patent applications. 

[0024] Yet another object of the instant invention is to insure that all data transferred 
external of the emulated input/output device controller is encrypted in accordance with 
the teachings of the above noted pending patent applications. 

[0025] A further object of the instant invention is to provide the ability for an 
administrator to alter and manage the configuration of emulated mainframe peripheral 
devices. 

[00261 A further object of the instant invention is to allow the selective addition or 
restriction in the presence of devices to one or more host processors such as, but not 
limited to, mainframe computers. 

[00271 Another object of the instant invention is to provide for a configuration 
specification which provides the ability to arbitrarily name each emulated device and 
assign it to one or more security groups of which a user must be a member in order to 



access that particular device, 

[0028] An additional object of the present invention is to provide the capability by which 
an administrator may add and remove one or more users with respect to emulated 
input/output device allocation, 

[00291 Yet another object of the instant invention is to provide a facility by which an 
administrator may manage the security groups to which a user belongs, thus controlling 
the access of devices by users at any level desired down to an individual user level. 

[0030] A further object of the instant invention is to provide the ability for a user to 
access and operate an emulated input/output device. 

[0031] Yet another object of the instant invention is to provide the facility by which an 
administrator may effect/implement new device emulation types. 

[0032] Another object of the instant invention is to provide support for multiple device 
types which may be simultaneously supported and operated. 

[0033] Responsive to the foregoing challenges, the Applicant has developed an 
innovative system, method and article of manufacture to remotely configure and utilize 
an emulated device controller via an encrypted validation communication protocol. 

[0034] It is to be understood that both the foregoing general description and the following 
detailed description are exemplary and explanatory only, and are not restrictive of the 
invention as claimed. The accompanying drawings, which are incorporated herein by 
reference, and which constitute a part of this specification, FIG. 1 is a sch e matic view of 
a n e twork communication arrang e m e nt utilizing a s e cur e el e ctronic mail syst e m illustrate 
certain embodiments of the invention and, together with the detailed description, serve to 
explain the principles of the present invention. 

FIG. 2 is a flow chart r e pr e s e ntation of th e process to r e mot e ly administrat e e l e ctronic 
mail accounts. 

FIG. 3 is a flow chart r e pr e s e ntation of th e proc e ss us e d to s e nd mail. 

FIG. 4 is a flow chart r e pr e s e ntation of a proc e ss us e d to r e tri e v e mail. 

FIG. 5 is a flow chart r e pr e sentation of a process to r e gister a machin e with a s e cur e 
nam e s e rv e r. 

FIG. 6 is a flow chart r e pr e s e ntation of a proc e ss for obtaining an IP addr e ss from 
alt e rnat e s e cur e nam e se rv e r s . 

FIG. 7 is a flow chart r e pr e s e ntation of a proc e ss to get an IP addr e ss from a particular 
secure name server. 



FIG. 8 is a flow chart r e pr e sentation of a conn e ction proc e ss to a se cure e lectronic mail 
s e rv e r. 



DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS 

In accordanc e with one e xemplary embodim e nt of th e pre s ent invention as shown in FIG. 
1, a protect e d communication n e twork is g e nerally designat e d by the refer e nce numeral 
40r 

In the preferred embodiment, the protected communication n e twork 10 consists of a first 
c e ntral processing unit or us e r 12, a s e cure nam e s e rver 1 4 , a secur e e lectronic mail 
s e rv e r 16, a s e cond central proc e ssing unit or us e r 18, a r e mot e administrator 20 and a 
conn e cting n e twork 22. Th e gen e ral operation of th e ov e rall syst e m will b e outlin e d in 
th e following discussion. 

Initially, th e s e cure e lectronic mail s e rver 16 will e stablish a link to a conn e cting n e twork 
22 and obtain a dynamic addr e ss. The dynamic addr e ss is standardly assigned by the 
n e twork to a user of th e n e twork. An e xampl e of a dynamic addr e ss is a dynamic Int e rnet 
protocol addr e ss for communicating ov e r th e Int e rnet or world wide web. Th e secure 
e lectronic mail s e rv e r 16 will th e n contact th e secure nam e s e rv e r 1 4 which has a fix e d 
address on th e connecting n e twork 22. Th e s e cur e e lectronic mail s e rv e r 16 will then 
notify the s e cur e name server 1 4 of th e s e cure electronic mail s e rv e r's 16 dynamic 
addr e ss on the conn e cting network 22. The communication betw e en the secur e electronic 
mail s e rver 16 and th e secur e nam e s e rv e r 1 4 will th e n b e discontinu e d. 

It will be understood that the pr e sent inv e ntion will be applicabl e to various types of 
n e tworks. 

N e xt, th e r e mot e administrator 20 will log on to th e conn e cting n e twork 22 and 
communicat e with th e secur e nam e s e rv e r 1. 4 . Note that this communication is a protected 
communication to allow for a prot e ct e d i nformation transfer. Th e secur e nam e serv e r 1 4 
transf e rs th e dynamic address of th e s e cur e e l e ctronic mail serv e r 16 to th e r e mot e 
administrator 20. Th e communication b e tw ee n the s e cure nam e server 1 4 and th e r e mot e 
administrator 20 is th e n discontinu e d. 

In an alt e rnat e e mbodim e nt, th e r e mot e administrator 20 will e stablish logon protocol for 
us e rs to acc e ss th e s e cur e nam e s e rv e r 1 4 . The remot e administrator 20 will th e n hav e th e 
information to pass on to users of the prot e ct e d communication n e twork 10 to allow them 
to acc e ss th e s e cur e nam e server 1 4 through th e ir logon protocol. In this mann e r, acc e ss 
to th e secur e nam e s e rv e r 1 4 is controll e d by the logon protocol, and only us e rs 
authoriz e d by th e r e mot e administrator 20 will be allowed to acc e ss th e s e cur e nam e 
s e rv e r 1 4 . 

Aft e r r e c e iving th e dynamic address of th e s e cur e electronic mail s e rv e r 16, th e r e mot e 
administrator 20 will initiate a communication with tho secur e e l e ctronic mail s e rv e r 16 



over th e network 22, Onc e again, this is a prot e ct e d information transf e r communication : 
During this communication, th e r e mot e administrator 20 will cr e at e , chang e , and d e l e t e 
authorized usor ID/password combinations for acc e ssing the secure el e ctronic mail s erv e r 
16. The communication betw e en th e r e mot e administrator 20 and the secure e l e ctronic 
mail s e rv e r 16 will th e n b e discontinued. 

As different users requir e acc e ss to th e syst e m, th e r e mot e administrator 20 will provid e 
the appropriat e logon protocol and/or authorized ID/password combinations to th e us e rs 
to allow for acc e ss to th e prot e cted communication network 10. In this e xampl e , both th e 
first us e r 12 and th e s e cond us e r 18 contact th e r e mot e administrator 20 for authorized 
logon protocol and us e r ID/password combinations. 

Th e first us e r 12 now wishes to writ e and s e nd an e lectronic mail communication to th e 
second us e r 18 ov e r th e prot e ct e d communication n e twork 10. Th e first us e r 12 us e s his 
uniqu e logon protocol combination to acc e ss th e secur e name serv e r 1 4 over th e 
connecting network 22. Once again, thi s is a protected communication. Th e first u s er 12 
th e n obtains th e dynamic addr e ss of th e s e cur e el e ctronic mail s e rv e r 16 from the secur e 
nam e s e rv e r 1 4 . Th e communication b e tw ee n th e first user 12 and th e s e cur e nam e s e rv e r 
1 4 i s th e n discontinu e d. 

Th e first us e r 12 now us e s his ID/password combination and th e dynamic addr e ss to log 
onto the s e cur e e l e ctronic mail s e rv e r 16. Onc e th e first us e r 12 has logg e d on to th e 
secur e el e ctronic mail s e rv e r 16, th e first us e r's 12 e l e ctronic mail messag e is th e n 
protected by a protection method, such as e ncryption, and s e nt on the communication 
n e twork 22 to th e d e signat e d r e cipi e nt's box on th e s e cur e e l e ctronic mail s e rv e r 16. In 
this e xampl e , th e information would b e stor e d in th e s e cond us e r's box. Th e 
communication betw ee n th e first user 12 and s e cur e e l e ctronic mail server 16 is th e n 
broken. 

At random int e rvals, th e s e cond us e r 18 will us e his s e parat e logon protocol to obtain th e 
dynamic addr e ss of th e e l e ctronic mail s e rv e r 16 from th e s e cur e nam e s e rver 1 4 and then 
acc e s s th e s e cur e e l e ctronic mail s e rv e r 16 with his ID/Pas s word combination to se e if 20 
th e r e ar e m e ssag e s for th e second us e r 18. If th e r e ar e messag e s in th e s e cond us e r's box 
on th e s e cur e mail s e rv e r 16, th e s e cur e e l e ctronic mail s e rv e r 16 will notify th e s e cond 
us e r 18 that th e r e ar e messag e s availabl e for r e trieval. Th e secure e l e ctronic mail serv e r 
16 will th e n use a prot e ct e d transf e r to send th e e l e ctronic mail m e ssage from th e first 
us e r 12 to th e se cond us e r 18 ov e r th e conn e cting n e twork 22. Th e communication 
b e tw ee n th e s e cond us e r 18 and th e s e cur e e l e ctronic mail s e rv e r 16 is th e n discontinu e d. 
Thiis, a messag e has b ee n transf e rr e d from th e first us e r 12 to th e s e cond us e r 18 without 
a direct conn e ction b e tw ee n th e first user 12 and th e s e cond us e r 18. 

It will also b e und e rstood that, in an alt e rnat e arrang e m e nt, th e s e cur e nam e s e rv e r and 
th e secur e mail s e rv e r may r e sid e on th e same comput e r syst e m. 

Th e afor e mention e d m e thod of communication provid e s sev e ral l e v e ls of communication 
prot e ction against outsid e int e rf e r e nc e for unwant e d monitoring. 



First, th e first us e r 12 and th e s e cond us e r 18 nev e r communicat e directly. Thus, an 
out s ide p e r s on must monitor multiple communication pathways to dotoct communication 
b e twe e n th e fir s t us e r 12 and th e s e cond user 18. 

S e cond, b e caus e th e secur e e l e ctronic mail s e rv e r us e s a dynamic addr e ss, th e 
communication pathways to and from the secure e lectronic mail s e rver 16 ar e constantly 
changing. This increases th e difficulty of monitoring communication with the secure 
e l e ctronic mail s e rv e r 16. 

Third, b e caus e the dynamic address of the s e cure electronic mail s erver 16 mu s t be 
obtained from the secure name s e rver 1 4 , the address of th e s e cure nam e s e rver 1 4 must 
b e known. 

Fourth, b e caus e the secur e name serv e r 1 4 r e quires a prop e r log protocol combination, 
the dynamic address of the secure electronic mail s e rver 16 is not e a s ily obtained. 

Fifth, b e caus e th e secur e nam e s e rv e r 1 4 transf e rs th e dynamic addr e ss of th e secur e 
el e ctronic mail server 16 in an e ncrypted m es sage, a first level of encrypti on must be 
brok e n just to obtain the dynamic addr e ss for th e s ecur e electronic mail serv e r 16. 

Sixth, b e caus e a communication b e tw ee n a user and th e s e cur e mail serv e r 16 is 
prot e ct e d, a s e cond l e vel of e ncryption must b e brok e n to obtain the m e ssag e . 

S e v e nth, b e cause th e us e rs can b e using an additional protection or e ncryption syst e m 
that is unkno wn to th e s e cur e n e tworks, an additional l e v e l of protection can b e used 
b e tw e en th e first u s er 12 and th e se cond us e r 18. This additional l e v e l must also be 
brok e n to obtain th e messag e t e xt. 

Eighth, b e caus e th e e ntir e syst e m is controll e d by a r e mot e administrator 20, logon 
protocols, passwords, and k e ys can b e constantly updat e d and chang e d. Any 
compromi se d logon protocol or ID/password combination s can b e imm e diat e ly del e t e d 
from th e syst e m by th e r e mot e administrator 20. 

In addition, multipl e application s of th e pr e s e nt syst e m could provid e for a s yst e m wh e r e 
th e communication b e tw ee n th e r e mot e administrator 20 and a s e cur e e l e ctronic mail 
s e rv e r 16 would also b e an indir e ct communication through anoth e r e l e ctronic mail s e rv e r 

Whil e th e s e d e scriptions of protection levels illustrat e on e e xampl e of the pr e sent 
inv e ntion, it is to b e und e rstood that th e diff e r e nt l e v e ls of prot e ction or additional l e vels 
of prot e ction may b e impl e m e nt e d in conjunction with th e pr e s e nt inv e ntion to furth e r 
e nhanc e s e curity. 

Th e sub proc e ss e s for communicating throughout th e n e twork includ e th e proc e ss to 
administrat e e l e ctronic mail accounts, th e proc e ss to s e nd el e ctronic mail, th e proc e ss to 



r e tri e v e mail, th e proc e ss to regist e r a machin e with a s e cure nam e s e rv e r, the process to 
obtain a dynamic addr e ss from alt e rnat e s e cure nam e s e rv e rs, th e process to get an 
addr e ss from a s e cure name server, and th e proc e ss to conn e ct to a s e cur e e lectronic mail 
server. 

Each of th e sub proc e ss e s for communicating will b e given furth e r d e tail in th e following 
discussion. 

Process to Administrat e El e ctronic Mail Accounts 

FIG. 2 of th e drawings outlines th e process by which the r e mote administrator sets up th e 
user ID/password combinations. The proc e ss starts 30 by initializing the parameters 
necessary for operation of th e proc e ss. The sy s t e m will th e n ch e ck a first secur e name 
s e rv e r 32 for th e dynamic addr e ss of th e secur e mail s e rv e r. Block 3 4 r e pr e s e nts th e 
syst e m checking to see it properly obtain e d the dynamic address of secure mail server 
from the first s ecure name server. If the system is successful in obtai ning th e secure mail 
server dynamic address from th e first secur e nam e serv e r, the syst e m will move on 
comi e ct to th e mail serv e r as shown at block 36. 

If th e system is not successful in obtaining the dynam ic address of th e secur e mail s e rver 
from th e first nam e server as shown in block 3 4 , the syst e m will move on to att e mpt to 
obtain th e dynamic address of th e s e cur e mail s e rv e r from the second secure name server, 
as s hown in block 4 8. As shown in block 50, th e syst e m will check to see if it ha s now 
succ e ssfully retrieved the secure mail serv e r dynamic address from the second s ecure 
nam e s e rv e r. If th e syst e m is succ e ssful th e n th e syst e m will mov e on to conn e ct to th e 
s e cure mail serv e r as shown in block 36. If th e syst e m has not succ e ssfully obtained th e 
dynamic addr e ss of th e s e cure mail s e rv e r from eith e r th e fir s t nam e se rv e r or th e second 
secur e nam e s e rver th e syst e m will se nd back a r e port e rror as shown in block 52 and 
r e turn an e rror cod e to th e us e r as shown in block 5 4 . 

If th e system has succ e ssfully obtained th e dynamic addre s s of th e s e cur e mail s e rv e r, it 
will conn e ct to th e secur e mail s e rv e r using th e dynamic addr e ss as shown in block 36. 
The r e mot e administrator will th e n b e abl e to add us e r ID/passwords as shown in block 
38, modify us e r ID/passwords as shown in block 4 0, and d e l e t e us e r ID/passwords as 
s hown in block 4 2. The remot e administrator will th e n disconn e ct from th e secur e mail 
s e rver as shown in block 44 . Th e s y s t e m will then e nd th e proc e ss to r e mot e ly . 
administrate as shown in block 4 6. 

A similar proc e s s could b e adapt e d to chang e th e logon protocol for th e s e cur e nam e 
s e rv e rs. 

Proc e ss Us e d to S e nd Electronic Mail 

FIG. 3 of the drawings outlines the process by which th e s e cure e l e ctronic mail programs 
s e nd mail communications. Th e proc e ss will start 60 by initializing th e param e t e rs 
n e cessary for op e ration of th e process. Th e us e r will di e n us e his logon protocol to ch e ck 



a first secur e nam e s e rv e r 62 for th e dynamic addr e ss of th e s e cur e mail s e rver. Block 6 4 
r e pr e s e nt s ch e cking to s ee it prop e rly obtain e d th e dynamic addr e s s of secure mail son - o r 
20 from the fir s t s e cure nam e s e rv e r. If th e us e r is succ e ssful in obtaining th e s e cure mail 
s erv e r dynamic address from th e first s e cure nam e s e rver, th e us e r will mov e on connect 
to the mail server at block 66. 

If th e s yst e m is not successful in obtaining th e dynamic addre s s of th e s e cure mail s e rv e r 
from th e first nam e serv e r as shown in block 6 4 , the syst e m will move on to get the 
dynamic addr e ss of th e s e cur e mail s e rver from th e s e cond s e cur e nam e server, as shown 
in block 7 4 . As shown in block 76, th e us e r will ch e ck to s ee if it has now successfully 
retri e v e d the secur e mail server dynamic addr e ss from th e s e cond s e cur e name s e rver. If 
the user is s ucc e ssful, then the us e r will move on to connect to the s e cure mail serv e r as 
shown in b lock 66. If the u se r has not successfully obtain e d th e dynamic addr e ss of the 
secur e mail se rv e r from e ith e r th e first nam e s e rv e r or th e second s e cur e nam e s e rv e r, th e 
us e r will s e nd back th e r e port e rror as shown in block 78 and r e turn th e error code to the 
op e rator a s shown in block 80. 

If th e us e r has succ e ssfully us e d its logon protocol to obtain th e dynamic addr e ss of th e 
secur e electronic mail s e rv e r, it will connect to the secur e mail s e rv e r using th e dynamic 
address as shown in block 66. 

Onc e th e us e r has successfully conn e ct e d to th e e l e ctronic mail s e rv e r, th e e l e ctronic mail 
is prot e cted and s e nt to th e electronic mail s e rv e r as s hown at block 68. Th e us e r th e n 
disconn e cts from the secur e e lectronic mail s e rver as shown at block 70, and e nds the 
proc e ss as shown at block 72. 

Proc e s s U se d to R e triev e Mail 

FIG. 4 of th e drawings outlin e s th e proc e ss by which a user r e tri e v e s mail from th e s e cur e 
mail server. Th e proc e ss will start 90 by initializing th e param e t e rs n e c e ssary for 
op e ration of th e proc e s s . The user will us e its logon protocol to ch e ck a first s ecur e nam e 
s e rv e r 92 for th e dynamic addr e ss of th e s e cur e mail s e rv e r. Block 9 4 repr e s e nts th e us e r 
ch e cking to s ee it prop e rly obtain e d th e dynamic addr e ss of s e cur e mail s e rv e r from th e 
first s e cur e nam e serv e r. If th e us e r is s ucc e ssful in obtaining th e s e cur e mail s e rv e r 
dynamic address from th e first s e cur e nam e s e rv e r, th e us e r will move on connect to th e 
mail s e rver at block 96. 

If th e us e r is not succ e ssful in obtaining th e dynamic addr e ss of th e s e cur e mail s e rv e r 
from th e first nam e s e rv e r as shown in block 9 4 , th e u se r will mov e on to get th e dynamic 
addr e ss of th e s e cur e mail s e rv e r from th e second secur e name se rv e r, as shown in block 
1 10. As shown in block 1 12, th e us e r will check to s ee if it has now successfully r e tri e v e d 
th e s e cur e mail s e rv e r dynamic address from th e second 3 6 010* 6 nam e server. If th e us e r is 
succ e ssful, th e n th e syst e m will mov e on to conn e ct to th e secur e mail serv e r as shown in 
block 96. If the syst e m has not succ e ssfully obtained th e dynamic address of th e s e cure 
mail s e rv e r from e ith e r th e first nam e s e rv e r or th e s e cond s e cure nam e s e rv e r, th e us e r 
will send back tho r e port e rror as shown in block 1 16 and return die e rror cod e to th e us e r 



as shown in block 118. 

Once the user or retrieval program has properly connect e d to th e e lectronic mail s e rv e r, 
th e el e ctronic mail program will check to s ee if mail is availabl e as shown in block 98. 

If mail is available in block 98, th e n th e r e tri e val program will r e tri e v e th e m e ssag e 
h e ad e r s as shown in block 100, r e tri e ve th e sel e ct e d message as shown in block 1 02, 
d e let e the messag e from th e secure mail server as shown in block 1 0 4 , and di s connect 
from th e secur e e l e ctronic mail s e rv e r as shown in block 106. Th e r e tri e val program will 
th e n r e stor e th e n e c e ssary param e t e rs to prop e rly e nd this proc e ss as shown in block 108. 

If it is d e tected in block 98 that mail i s not availabl e , th e r e tri e val program will 
disconn e ct from th e s e cur e mail s e rv e r as shown in block 11 4 . 

Proc e ss to R e gister Machine with a Secure Name S e rver 

As shown in FIG. 5, when a us e r, administrator, or s e cure e l e ctronic mail s e rv e r logs onto 
th e syst e m with a dynamic addr e ss, the s e cur e nam e s e rver i s contact e d. Th e proc e ss for 
e s tabli s hing this connection and supplying th e prop e r dynamic addr e ss to the secure name 
s erver is outlin e d as follows. 

As shown in block 120, th e r e gist e ring CPU machin e s e l e cts an appropriat e s e cur e nam e 
s e rver to b e contacted. The r e gist e ring machin e th e n suppli e s th e secur e nam e s e rv e r with 
these proper logon protocol combination as shown in block 1 22. As shown in block 1 2 4 , 
a s e ssion with a s e cur e nam e s e rv e r is th e n e stablished. If th e s e ssion is successfully 
e stablish e d as shown in block 126, th e n th e machin e will go on to r e gist e r th e dynamic 
addr e ss for th e named machine 128, disconn e ct th e s e s sion 130, and th e n prop e rly s hut 
down this proc e ss as shown in block 13 4 . 

If th e s e ssion was not prop e rly e stablish e d in block 126, th e n th e machin e will report an 
e rror to th e us e r or op e rator at block 136, and return an error code as shown in block 138. 

Process to Obtain a Dynamic Addr e ss from Alt e rnat e S e cur e Nam e S e rv e rs 

FIG. 2 of th e drawings outlin e s th e proc e s s by which a n e twork user obtains a dynamic 
addr e ss from multipl e se cur e nam e s e rv e rs. Th e n e twork user will us e his logon protocol 
to ch e ck a first s e cur e nam e s e rv e r 1 4 0 for the dynamic addr e ss of th e s e cur e mail s e rver. 
Block 1 4 1 r e pr e sents th e us e r ch e cking to se e it prop e rly obtain e d th e dynamic addr e s s of 
secur e mail s e rv e r from th e first s e cure nam e s e rv e r. If th e us e r is succ e s s ful in obtaining 
the secur e mail s e rv e r dynamic address from the first secur e name serv e r, th e system will 
return th e dynamic addr e ss to th e user program as shown at block 1 4 2. 

If tho us e r is not successful in obtaining th e dynamic addr e ss of the secur e mail s e rv e r 
from the first name s e rv e r as shown in block 1 4 1 , th e us e r will move on to g e t the 
dynamic address of th e secure mail s e rver, from th e s e cond s e cure nam e s e rv e r, as shown 
in block 143. As shown in block 1 44 , th e us e r will us e its logon protocol to chock to soo 



if it has now successfully r e tri e ved the s e cur e mail s e rv e r dynamic addr e ss from th e 
se cond s e cure nam e s e rver. If the user is succ e s s ful th e n th e syst e m will r e turn the 
dynam ic address to th e user program as shown in block 1 4 2. If th e user has not 
s ucce s sfully obtain e d th e dynamic address of the secur e mail s e rv e r from eith e r th e first 
nam e se rv e r or th e s e cond s e cur e nam e s e rv e r, th e syst e m will s e nd back th e r e port e rror 
as shown in block 1 4 5 and r e turn th e e rror code to th e us e r as shown in block 1 4 6. 

Process to Get an Addr e ss from a Secure Nam e Serv e r 

FIG. 7 of th e drawings outlin e s th e proc e ss by which an unknown addr e ss, such as th e 
dynamic address of a secur e mail serv e r, is obtain e d from a secure name serv e r. Th e 
process start s by selecting the targ e t secure name s e rv e r machin e by its fix e d 
addr e ss/name as shown in block 150. Th e us e r th e n provid e s th e s e cur e nam e s e rv e r with 
its logon protocol combination as shown at block 152. If th e user logon combination is 
verified th e n a s e ssion is establish e d with a s e cure nam e server as shown at block 15 4 . As 
shown at block 156, if th e session has not been correctly e stablish e d th e n th e secure name 
s e rver will report an error cod e as shown at block 178 and r e turn th e e rror code to th e 
us e r as shown at block 1 80. 

Returning to block 1 56, if th e session has b ee n correctly e stablish e d as shown at block 
156, th e n th e us e r will b e allow e d to request th e address for th e nam e d machin e at th e 
client sit e as shown at block 158. 

The system will th e n p e rform a s e ries of ch e cks to se e if th e nam e d machin e has b e en 
prop e rly id e ntifi e d. If th e nam e d machin e has not b ee n prop e rly id e ntifi e d, shown at 
block 160, th e n di e syst e m will b e disconn e ct e d as shown at block 172, mov e on to 
r e porting th e e rror cod e as shown at block 178, and continu e proc e ssing. 

If th e nam e d machin e has b ee n prop e rly d e fin e d as shown at block 1 60, th e n th e syst e m 
will ch e ck to s e e if th e named machin e has prop e rly r e gist e r e d its addr e ss shown at block 
162. If th e addr e ss has not b e en corr e ctly r e gister e d, then the syst e m will mov e on to 
di s conn e ct sess ion a s s hown at block 174, r e port the e rror cod e as shown at block 1 78, 
and continu e proc e ssing. If the nam e d machin e has prop e rly r e gist e r e d its addr e ss as 
shown at block 162, th e n th e machin e will ch e ck to s ee if th e r e gistration is up to date as 
shown at block 16 4 . 

If th e r e gistration is not prop e rly up to dat e as shown at block 16 4 , th e n th e system will 
disconn e ct the session as shown at block 176, mov e on to report th e e rror cod e as shown 
at block 178, and continu e proc e ssing. 

If th e system r e gistration has b ee n prop e rly updat e d as shown at block 164, thon the 
syst e m will r e turn th e obtained addr e s s as shown in block 168 and disconn e ct th e s e ssion 
as shown in block 166. Tho syst e m will th e n e nd proc e ssing as shown at block 170. 

Proc e ss to Conn e ct to Secure El e ctronic Mail S e rv e r 



FIG. 8 of th e drawings outlin e s th e process by whi ch a connection to a s e c ur e el e ctronic 
mail s e rv e r is made. Tho process b e gins by th e us e r selecting th e s e cur e el e ctronic mail 
server using tho curr e nt dynamic address as shown at block 190. Th e user will th e n 
provide the us e r ID/pas s word combination for the target secure mail server as shown at 
block 192. Th e us e r will then att e mpt to e stablish a s e ssion with secur e e l e ctronic mail 
s e rv e r as shown at block 19 4 . Th e syst e m will ch e ck to make sur e that th e s e ssion has 
b e en correctly e stablished as shown at block 196. 

If th e session has b ee n correctly es tablished as shown at block 196, th e n th e syst e m will 
r e turn to proc e ssing as shown at block 198 and allow th e us e r to continue. 

If the communication s e ssi on has not been correctly establish e d a s s hown at block 196, 
then th e system will r e port an e rror as shown at block 200 and forward th e e rror back to 
th e us e r as shown at block 202. 

Th e pref e rred embodiment of the present invention uses multiple secured name serv e rs to 
allow for acc e ss to th e secure mail s e rver. How e ver, it is also e nvision e d that a singl e 
s e cure nam e server or additional se cur e nam e s e rv e rs could b e used with this inv e ntion. It 
is also e nvisioned that the s e cur e name server and the s e cure mail server could reside on 
the sam e machine. In this mann e r, two separate communication lines would be necessary 
to allow for th e fixed address of the secur e name s e rv e r while providing for a dynamic 
addr e ss of th e s e cur e mail server. 

It is also envisioned that the logon combination and user ID/pa s sword combination could 
b e id e ntical. 

Whil e the foregoing detail e d d e scription has described several e mbodim e nts of th e s e cure 
electronic mail system in accordance with thi s invention, it is to b e und e rstood that th e 
abov e d e scription is illustrativ e and not limiting of th e disclos e d inv e ntion. 

The claims and the sp e cification d e scrib e the invention pr e s e nt e d and th e terms that ar e 
employ e d in the claims draw th e ir meaning from th e us e of s uch t e rms in th e 
sp e cification. Th e sam e t e nns e mployed in th e prior art may b e broad e r in m e aning than 
sp e cifically e mploy e d h e r e in. Wh e never th e r e is a qu e stion b e tw e en the broader 
d e finition of such t e rms us e d in the prior art and th e more specific us e of th e t e rms 
h e r e in, the mor e specific m e aning is meant. 

Whil e th e invention has b ee n d e scribed with a c e rtain d e gr ee of particularity, it is 
manif e st that many changes may be made in the details of construction and th e 
arrangem e nt of compon e nts without departing from the spirit and scop e of this 
disclosur e . It is understood that th e invention is not limit e d to the e mbodim e nts s e t forth 
h e r e in for purposes of ex e mplification, but is to b e limit e d only by th e scop e of th e 
attach e d clai m or claims, including tho full rang e of e quival e ncy to which e ach e l e m e nt 
th e reof is ontitl o d. r00351 In this respect, before explaining at least one embodiment of the 
invention in detail it is to be understood that the invention is not limited in this 
application to the details of construction and to the arrangement so the components set 



forth in the following description or illustrated in the drawings. The invention is capable 
of other embodiments and of being practiced and carried out in various ways. Also, it is 
to be understood that the phraseology and terminology employed herein are for the 
purpose of description and should not be regarded as limiting. As such, those skilled in 
the art will appreciate that the conception, upon which this disclosure is based, may 
readily be utilized as a basis for the designing of other structures, methods and systems 
for carrying out the several puiposes of the present invention. It is important, therefore 
that the claims be regarded as including such equivalent constructions insofar as they do 
not depart from the spirit and scope of the present invention. 

[0036] Additional objects and advantages of the invention are set forth, in part, in the 
description which follows and, in part, will be apparent to one of ordinary skill in the art 
from the description and/or from the practice of the invention. 

[0037] These together with other objects of the invention, along with the various features 
of novelty which characterize the invention, are pointed out with particularity in the 
claims annexed to and forming a part of this disclosure. For abetter understanding of the 
invention, its operating advantages and the specific objects attained by its uses, reference 
would be had to the accompanying drawings, depictions and descriptive matter in which 
there is illustrated preferred embodiments and results of the invention. 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0038] FIG. 1 is a system schematic providing a conceptual overview of primary 
hardware and software components of the instant invention as practiced in its preferred 
embodiment. 

[0039] FIG. 2 is a logic flow diagram illustrating processing steps associated with the 
server initialization processing subcomponent of the instant invention when practiced in 
its preferred embodiment. 

I"00401 FIG. 3 is a logic flow diagram illustrating processing steps associated with the 
server termination processing subcomponent of the instant invention when practiced in its 
preferred embodiment. 

[0041] FIG. 4 is a logic flow diagram illustrating processing steps associated with the 
adaptor configuration load processing subcomponent of the instant invention when 
practiced in its preferred embodiment. 

r0042] FIG. 5 is a logic flow diagram illustrating processing steps associated with the 
client connection processing subcomponent of the instant invention when practiced in its 
preferred embodiment. 

[00431 FIG. 6 is a logic flow diagram illustrating processing steps associated with the 
client disconnection processing subcomponent of the instant invention when practiced in 
its preferred embodiment. 



[0044] FIG. 7 is a logic flow diagram illustrating processing steps associated with 
administrative functions given illustrative user response/input strings. 

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT 

[00451 While the making and using of various embodiments of the present invention are 
discussed in detail below, it should be appreciated that the present invention provides for 
inventive concepts capable of being embodied in a variety of specific contexts. The 
specific embodiments discussed herein are merely illustrative of specific manners in 
which to make and use the invention and are not to be interpreted as limiting the scope of 
the instant invention. 

("0046] While the invention has been described with a certain degree of particularity, it is 
clear that many changes may be made in the details of construction and the arrangement 
of components without departing from the spirit and scope of this disclosure. It is 
understood that the invention is not limited to the embodiments set forth herein for 
purposes of exemplification, but is to be limited only by the scope of the attached claim 
or claims, including the full range of equivalency to which each element thereof is 
entitled. Turning now to FIG. 1. 

r0047] In FIG. 1, a server CPU 103 has executing under control of its control program. 
Secure Agent software 106. The present invention advances the art and improves upon 
technology taught and claimed in the above noted pending applications, said applications 
and teachings incorporated by reference herein. The server 103 also has operating under 
control of its control program the remote configuration software 109 of the instant 
invention. Embodied within the server 103 is a hardware adaptor card 112. Said adaptor 
card 1 12 is in turn communicably attached to one or more host processors (1,21 , 124, 127, 
128). As used herein, the term "adaptor" refers synonymously to those hardware 
configurations such as, but not limited to, "adaptor cards" which allow for connectabilitv 
between two or more central processing units and the transference of data associated 
therewith. Illustrati ve non-limiting examples of such adaptors as used herein would 
include Crossroads ESCON adaptors. Crossroads ESCON parallel adaptors, Bus-Tech 
adaptors and IBM ESCON adaptors. 

r00481 In FIG. 1, the host processors (121, 124, 127, 128) are illustrated as Host 1 128 
executing as its control program a VM system. Host 2 121 operating under as its control 
program a CICS system. Host 3 124 operating under the controller of its control program 
an IMS system and Host 4 127 operating under the dispatching control of its control 
program (ACP) a plurality of application specific programs. In turn, each of the host 
processors 128, 121, 124 and 127 illustrated in FIG. 1, have connected to it one or more 
physical input/output devices 131. In FIG. 1, said input/output devices are depicted as 
tape drives 141, direct access storage device 138 and smart terminals/personal 
computer/client computing capabilities 135. Also shown in FIG. 1 is a plurality of clients 
referred to as Host users 145 which are communicably attached to the server 103 of the 
instant invention via a communications network 148 such as, but not limited to, the 



Internet or other computer compatible network wherein computer recognized and 
generated signals may be communicated between one or more central processing units, 

[0049] Lastly shown in FIG. 1 is a Security Administrator client 151 interactively 
communicating with the Secure Agent software 106 operating within the server 103. As 
will be discussed in further detail and in association with FIGS. 2 through 7, the Security 
Administrator 151 utilizes Secure Agent software 106 to administer and maintain 
user/resource profiles 1 57 and further communicates with information conveyed to said 
Secure Agent software 106 via the software processes associated with the remote 
configuration software 109 of the instant invention. 

[00501 F° r purposes of clarity and to assist in comprehension of the instant invention, it is 
convenient to view the invention as being comprised of a number of processing 
subcomponents. Such processing subcomponents include, but are not limited to, Server 
Initialization Server Termination, Adaptor Configuration Load, Client Communication, 
Client Termination and Administration related subcomponents. 

[005 1] The following discussion in association with FIG. 1 provides a brief non-limiting 
synopsis of the teachings of the instant invention and generally discusses the 
interrelationships of hardware and software processing components of the instant 
invention. In FIG. 1, a Security Administrator 151 defines via Secure Agent software 
106, user and resource profiles 157. Such profiles are stored in a non- volatile storage 
medium, such as but not limited to, a disk drive 158. User resource records are those 
records which typically define security group or groups, and access control variables 
associated with the user. Stated succinctly, the user resource record/profile defines those 
resources that the user may utilize and the bounds of such utilization. The Security 
Administrator 151 may also define resource profiles, such resource profiles define the 
device type and grouping of emulated input/output devices as well as central processing 
unit designations associated with each emulated device type and/or grouping. When 
attempting to establish a session between a host user 145 and any one of the operating 
systems and/or application programs operating under the dispatching control of the 
operating systems of host processors 128, 121, 124 or 127, a user via a communications 
network 148 communicates first with Secure Agent software 106 operating within the 
server 103 of the instant invention 109. Assuming the user 145 is recognized as an 
authenticated and authorized user of the system as governed by Secure A gent so ftware 
106, the user 145 next requests a device or a device grouping of emulated input/output 
devices he or she anticipates utilizing in the requested session. The Secure Agent 
software 106 verifies the user 145 as authority to allocate such emulated input/output 
devices and correspondingly associates such devices with the user and user session 
between one or more of the host processors 128, 121, 124 and 127. Once established, the 
session continues as normal with input/output requests of the user serviced via emulated 
input/output device as opposed to the real input/output devices 131 associated with one or 
more of the host processors. Upon completion of the session or a specific deallocation 
request initiated by the user, the client termination subprocess of the instant invention 
deallocates the emulated input/output device or devices. As indicated, the processing 
subcomponents of the instant invention further include Adaptor Configuration Load, 



Client Communication, Client Termination, Administration, Server Initialization and 
Server Termination subprocesses. It is to such subprocesses FIGS. 2 through 7 address 
themselves. A more detailed disclosure of each subprocess follows. 

["00521 FIG. 2 discloses in further detail the process steps in which the server of the 
instant invention is initialized. While discussion of the individual subprocesses is 
provided in an illustrative logic sequence, it is to be noted that process steps defined 
therein need not occur in, a serial manner. Rather it is expressly recognized that many of 
the subprocesses execution steps may be executed in a concurrent manner, or have their 
execution sequence factored upon the statusing of a previously executed process step. 

I"0053] Server Initialization, FIG. 2 

[00541 With respect to server initialization, the driver of the instant invention first 
initializes all driver module-wide variables, such as clearing out how many adaptors are 
being supported, 201. Once these variables have been initialized, adaptors are located by 
enumerating all peripheral component interconnect computer Bus-type (PCD devices 
present in the system using data and techniques published by the PCI Special Interest 
Group and by Microsoft's Window's NT Device Driver Kit fDDK). Specifically, the 
adaptor vendor and device IDs 202 are referenced to identify the presence of such 
supported adaptors. For each adaptor located, adaptor specific variables are initialized by 
the driver 203, with the resources used by the adaptor, such as buffer areas and IRQ 
(interrupt request lines) being next allocated and reserved 204 using functions provided 
by DDK. The adaptor is then reset 205 by the driver using a technique made known by 
the adaptor's manufacturer. Since these adaptors are generally intelligent it is necessary to 
transfer (download) to them microcode (a manufacturer-supplied program specific to 
such a device) that controls internal instruction sequencing. Therefore, microcode is 
downloaded into the adaptor 206 in a manner prescribed by the adaptor manufacturer 
with the adaptor then considered initialized 207. The driver next requests a connection to 
each unique IRQ so that any interrupts generated by any of the recognized adaptors may 
be serviced by the driver 208 and next initiates timer support 209 so that approximately 
once every second, general operations may be performed on behalf of each adaptor. This 
support typically, though not limitedly, includes ensuring an adaptor does not generate a 
non-detected interrupt. Having once initiated its timer 209, the driver next exposes 
standard module-wide support to all applications 210, which allows for communications 
with the driver as to be established by the Host DLL. 

r00551 Subsequent to the driver initialization, the Host DLL initializes variables it utilizes 
21 1 and clears a user connection block to allow information for each user to be 
represented 212. The Host DLL further exposes and makes available to Secure Agent a 
block of data, representing an emulated device specific administrative instruction set 213. 
for each user. In addition to such normal data elements as a user ID and password, this 
instruction set advises Secure Agent to maintain device type and security group strings on 
behalf of each user specifically for the support of this Host DLL. The device types limits 
those types of emulated devices to which a user might claim access whereas the device 
security groups name the emulated device security groups to which a user is subscribed. 



In addition, at this stage linkage to configuration support routines within the Host DLL is 
also established. As practiced in one embodiment of the invention, the root name of the 
administrative tree structure is exposed to Secure Agent indicating that the Host DLL 
supports the configuration of information and will respond in a positive manner to 
requests for information and management of branches under this particular root. The Host 
DLL next creates a mutex serialization mechanism to be used by configuration support 
routines during access of adaptor configuration data to insure data integrity 214. This 
serialization mechanism is used to prevent for example potential simultaneous updates by 
multiple administrators as well as to prevent a client from enumerating emulated devices 
while it is being manipulated. 

[00561 The Host DLL continues to open or otherwise establishes communication with the 
driver 21 5 and requests from it a number of recognized adaptors 216 to which the driver 
responds 217, whereupon the Host DLL requests from the driver its version number 218 
to which the driver also responds 219. The Host DLL then records into a Seciire Agent 
log the driver version and the number of adaptors it controls 220, and proceeds to indicate 
that each adaptor is not yet in a condition to support client connectivity 221 . Data 
representing the adaptor configuration to be utilized (the active configuration) is next 
loaded 223. This data specifies device types and number of devices to be emulated, in 
conjunction with user- friendly (readable) names and security groups for each such 
emulated device. A second unique set of this data is loaded (the inactive configuration) 
224 on behalf of this same adaptor to be used as a work area for administrators. This 
allows administrators to accumulate a series of configuration changes prior to effecting 
the activation of those changes as a whole. During said initialization, the Host DLL lastly 
ensures that the loaded adaptor configurations are within operationally permissible 
parameters 225. 

r00571 FIG. 3 is a logic flow diagram illustrating processing steps associated with the 
server termination processing subcomponents of the instant invention as practiced in its 
preferred embodiment. Turning now to FIG. 3. 

[0058] In FIG. 3 with respect to server termination, the Host DLL first disconnects each 
currently connected user 301. Such disconnection is facilitated via processing 
accommodated in the Client Disconnection Processing subcomponent as will be 
discussed in association with FIG. 6. Recognized adaptors are then set offline to their 
channels through the Adaptor Configuration Load processing subcomponent 302. The 
Host DLL next ceases communication, or closes the driver 303, and frees all allocated 
storage and resources 304. The one second timer is then closed by the driver 305 and 
module-wide exposure of support to application through NT is eliminated 306. The driver 
then ensures/verifies each adaptor is offline to the channel and the adaptor is reset 307, 
disconnects all previously connected IRQ's 308, and destroys each object instance 309. 
Such destruction further includes but is not limited to elimination of exposure of the 
emulated devices support to applications through NT 310 and the freeing of all allocated 
storage and resources 311. 

r0059] FIG. 4 is a logic flow diagram illustrating the processing steps associated with the 



Adaptor Configuration Load processing subcomponent of the instant invention as 
practiced in its preferred embodiment, 

r00601 In FIG. 4 the Host DLL first indicates the adaptor's unavailability 401 and for 
each client currently connected to a logical unit on this adaptor, issues a message to the 
client indicating that the client is being disconnected due to administrative device 
management 402, The Host DLL then performs the client disconnection services in 
association with the invention's Client disconnection subprocess as will be discussed in 
further detail in association with FIG. 6. The Host DLL continues by next recording into 
Secure Agent log the configuration for this adaptor is being loaded 403 and if the adaptor 
is to be forced offline to the mainframe to which it is connected 404, prepare and uses an 
empty configuration indicating that Emulated devices are not to be emulated during this 
session. If the adaptor is not to be forced offline, an active configuration for the adaptor is 
provided and a request that the adaptor using the active configuration data is initiated 
405, The driver as instructed causes the adaptor to be offline to the channel at this stage 
in the adaptor confi guration load 406, destroys each of the adaptor emulated devices 
driver object instances 407 causing or eliminating the exposure of emulated devices 
support to applications through NT 408 and frees all allocated storage and resources 409. 
The driver next determines if Emulated devices are to be emulated 410 and then request 
that the adaptor be brought online to the channel 411, lastly indicating that the adaptor is 
available for client use 412. 

[00611 FIG. 5 is a logic flow diagram illustrating the processing steps associated with the 
Client Connection processing subcomponent of the instant invention as practiced in its 
preferred embodiment. 

r00621 Client Connection, FIG. 5 

r0063] In FIG. 5, a client connection first initializes variables that it utilizes 501 then 
employs Secure Agent client code in order to establish a connection to the Host DLL 502, 
whereupon the Host DLL retains the client's name 503 and loads the client's device type 
and security groups 504. A new client object instance is then created to represent this new 
client connection with the variables it will use becoming initialized 505. The Host DLL 
then stores the location of the client object in a user connection block 506. At this point 
the client sends to the Host DLL the command version level that represents the client 
feature set as a means to facilitate backward compatibility by future Host DLLs 507 
which the Host DLL stores for possible reference 508. By knowing the version of the 
client, the Host DLL can and will prevent communicating with older clients in a manner 
supported only by newer clients, whereas newer clients will be able to take advantage of 
a fuller set of features that the Host DLL offers. The client next provides to the Host DLL 
the emulated device type in which it is interested 509 whereupon the Host DLL stores it 
for later reference 510. The client then req uests of the Host DLL its command version 
level 5 1 1 that the client stores for possible reference 513. Just as with the Host DLL 
being able to restrict its behavior for older clients, since the client knows the version level 
of the Host DLL it can restrict itself from attempting to take advantage of features 
available only on newer servers whereas newer servers might be more fully exploited. 



The client then requests from the Host DLL a list of the currently available emulated 
devices to which the client may connect 514. The Host DLL returns the response back 
515 whereupon the client selects one of the emulated devices and requests that the Host 
DLL establish a connection to it on its behalf 516. 

[0064] FIG. 6 is a logic flow diagram illustrating the processing steps associated with 
Client Disconnection processing subcomponent of the instant invention as practiced in its 
preferred embodiment. 

r0065] As can be seen in FIG. 6, the Host DLL destroys the client object instance which 
requires the following acti vity. If connected to a logical unit, the logical unit is closed 
601 and the threads that were created to perform input/output device of the logical unit, if 
any, are terminated 602. If connected to a logical unit, the logical unit-in-use flag is set to 
not in use 603 and if connected to a logical unit, the logical unit client value is set to none 
604. The Host DLL lastly frees all allocated storage and resources for the client object 
605. 



r0066] Administrative Configuration 

[0067] When an administrator desires to modify the confi guration of adaptors managed 
by the Host DLL it issues requests for enumeration of the "/Adaptors" root and its 
branches to which the Host DLL will respond. This provides the administrator with the 
means necessary to discover what information exists to be changed. The data exposed 
through these branches correlates to the data within the active and inactive configurations 
for each adaptor. 

r0068] Once supplied with the name and value of a piece of adaptor configuration data an 
administrator can decide whether or not to make changes to it and, i f so, supply that name 
with a new value back to the Host DLL which will then make that change on the 
administrator's behalf. 

r0069] Additionally, an administrator may enumerate a series of controls that can be 
employed for special actions by the Host DLL against an adaptor. Specifically, an 
administrator might decide to activate the inactive configuration, whereupon the Host 
DLL will exchange the data of the active configuration with that of the inactive 
configuration then perform the actions detailed with Adaptor Configuration Load, FIG. 4. 
If, on the other hand, an administrator opted to copy the contents of the active 
configuration into that of the inactive configuration then the Host DLL would perform 
that action. An administrator also has the option to simply clear out the inactive 
configuration whereupon the Host DLL would reinitialize it to reflect the absence of 
configured emulated devices. If an administrator decided it was necessary to reinitialize 
the adaptor then he could specify that the Host DLL do so whereupon it would perform 
the actions detailed with Adaptor Configuration Load, FIG. 4. Finally, if an administrator 
decided that an adaptor should either be kept offline or could come back online then he 
could request that of the Host DLL and it would toggle that state for the adaptor then 
perform the actions detailed with Adaptor Configuration Load, FIG. 4. 



r0070] Non-limiting examples of dialog and processing as provided for in the invention's 
administrative configuration subcomponent follow immediately for piirposes of 
facilitating full and enabling disclosure. 

r0071] Connected Client Traffic from Logical Unit: Mainframe Message (3215 Example) 

["00721 When the adaptor interrupts with a message from the mainframe then that 
message is first caught by the driver emulated devices object and carried up into the Host 
DLL by a thread created on behalf of the client that performs I/O against the Logical unit. 
This message is then transmitted through SA to the client. 

r00731 Connected Client Traffic from Logical Unit: Online or Offline Event (3215 
Example) 

[0074] When the adaptor is found to go online or offline to the channel then that event is 
first caught by the driver emulated devices object and carried up into the Host DLL by a 
thread created on behalf of the client that performs I/O against the Logical unit. This 
event is then transmitted through SA to the client. 

[00751 Connected Client Traffic from Client: Mainframe Command (3215 Example) 

r00761 The client may send a mainframe command to the Host DLL which is 
immediately transported to the driver emulated devices object by a thread created on 
behalf of the client that performs I/O against the Logical unit. The driver emulated 
devices object then requests that the adaptor send the command to the mainframe. 

[0077] FIG. 7 is a logic flow diagram illustrating processing steps associated with 
administrative functions given non-limiting examples of user input command strings. 
Turning now to FIG. 7. 

r00781 Administration of Adaptor Configuration Data: Input Request=Enumerate Branch 
/Adaptors 

r00791 Administrator requests an enumeration of 7ESC0N Adaptors 1 ' 701. 

|"00801 Host DLL builds and returns a string consisting of a concatenation of all the 
adaptors, in the form of Adaptor # where # is the 1 -based number of the adaptor, along 
with a flag for each indicating that each element has, in turn, more branches 702. 

1*00811 Administration of Adaptor Configuration Data: Input Request=Enumerate Branch 
/Adaptors/ Adaptor # 

["00821 Administrator requests an enumeration of, for example, "/Adaptors/ Adaptor 1" 
703. 



[0083] Host DLL builds and returns a string consisting of a concatenation of "Active 
Configuration" and "Inactive Configuration", each with a flag for each indicating that 
they have, in turn, more branches, along with a string of "Configuration Control" with a 
flag indicating that it has values 702. 

[0084] Administration of Adaptor Configuration Data: Input Request=Enumerate Branch 
/Adaptors/Adaptor #/(ln)Active Configuration 

r00851 Administrator requests an enumeration of, for example, "/Adaptors/Adaptor 
1 /Active Configuration" 704. 

[0086] Host DLL builds and returns a string consisting of a concatenation of 16 CUs, in 
the form of Control Unit x## where ## is hexadecimal from 00 through OF, along with a 
flag for each indicating that each element has, in turn, more branches 702. 

[00871 Administration of Adaptor Configuration Data: Input Request=Enumerate Branch 
/Adaptors/ Adaptor #/(In)Active Configuration/Control Unit x## 

[0088] Administrator requests an enumeration of, for example, "/Adaptors/Adaptor 
1 /Active Configuration/Control Unit xOO" 705. 

[00891 Host DLL builds and returns a string consisting of a concatenation of 
"Assignments" and "Logical Units", each with a flag indicating that they have values 702. 

r0090] Administration of Adaptor Configuration Data: Input Request=Enumerate Branch 
/Adaptors/ Adaptor #/(In)Active Configuration/Control Unit x##/Assignments 

[0091] Administrator requests an enumeration of, for example, "/Adaptors/ Adaptor 
1/Inactive Configuration/Control Unit xOO/Assignments" 706. 

[0092] Host DLL builds and returns a stri ng consisting of a concatenation of the 
following: 702 

[0093] A. "Controller Type" with a flag indicating the data presentation to be a drop- 
down box. 

F00941 This includes a list of all of die valid CUTvpes ( i.e. 7412, 3174) along with the 
currently assigned value. This value is taken from the specified Adaptor configuration 
data for this adaptor, indexed to the specified control unit. 

["0095] B. "Base Address" with a flag indicating the data presentation to be a text box. 
This includes the currently assigned value. This value is taken from the specified Adaptor 
configuration data for this adaptor, indexed to the specified control unit. 

f00961 C. "Device Count" with a flag indicating the data presentation to be a text box. 
This includes the currently assigned value. This value is taken from the specified Adaptor 



configuration data for this adaptor, indexed to the specified control unit, 

[00971 D. If the specified Adaptor configuration is the active configuration then a flag is 
added to all fields marking them as non-modifiable meaning that this data cannot be 
changed. For these particular datas only that within the inactive configuration may be 
worked upon, 

[00981 Administration of Adaptor Configuration Data: Input Request=Enumerate Branch 
/Adaptors/Adaptor #/(In) Active Configuration/Control Unit x##/Logical Units 

[0099] Administrator requests an enumeration of, for example, "/Adaptors/ Adaptor 
1/Inactive Configuration/Control Unit xOO/Logical Units" 707, 

[01001 Host DLL builds and returns a string consisting of a concatenation of the 
following: 702 

[0101] A. For each emulated devices per Logical Unit Count for the specified Adaptor 
configuration data for this adaptor, indexed to the specified control unit (the following 
uses of ## is the current Logical Unit Count entry+the Logical Unit Base, providing the 
emulated devices address as it appears to the mainframe.): 

[0102] 1. "Device x## Name(s)" with a flag indicating this is a text box. This includes the 
currently assigned value per the specified Adaptor configuration data for this adaptor, 
indexed to the specified CU and emulated devices per the current Logical Unit Count 
entry. 

[0103] 2. "Device x## Group(s)" with a flag indicating this is a text box. This includes 
the currently assigned value per the specified Adaptor configuration data for this adaptor, 
indexed to the specified CU and emulated devices per the current Logical Unit Count 
entry. 

[0104] 3. If the specified Adaptor configuration is the active configuration: 

[0105] a. "Device x## Status" with a flag indicating this is a text box. This includes either 
the currently assigned emulated devices Client value (client userid) if the emulated 
devices In-Use flag indicates "in use", otherwise "this device is not in use". The emulated 
devices values involved are per the specified Adaptor configuration data for this adaptor, 
indexed to the specified CU and emiilated devices per the current Logical Unit Count 
entry. This field is marked as non-modifiable meaning that this data cannot be changed 
(informational only) 

[01061 Administration of Adaptor Configuration Data: Input Request=Enumerate Branch 
/Adaptors/Adaptor #/Configuration Control 

[0107] Administrator requests an enumeration of, for example, "/Adaptors/ Adaptor 
1/Configuration Control" 708. 



[0108] Host DLL builds and returns a string consisting of a concatenation of the 
following: 702 

r01091 A, "Check this then click save to activate the inactive config" with a flag 
indicating this is a check box and a value of unchecked, 

TO! 101 B. "Check this then click save to copy the inactive config to the inactive" with a 
flag indicating this is a check box and a value of unchecked, 

[01 1 11 C. "Check then then click save to purge the inactive config" with a flag indicating 
this is a check box and a value of unchecked, 

fOl 12] D. "Check this then click save to POR the adaptor" with a flag indicating this is a 
check box and a value of unchecked. 

[01 13] E. "Force adaptor offline" with a flag indicating this is a check box. This includes 
the currently assigned value per the specified Adaptor configuration data for this adaptor. 

[01 141 Continuing with non-illustrated, non-limiting examples of Administrative 
processing functionality: 

[01151 Administration of Adaptor Configuration Data: Data Assignment of a 
/Adaptors/ Adaptor #/(In)Active Configuration/Control Unit x##/Logical Units value: 

[01161 Administrator 

[01 171 1 . Requests an assignment of any modifiable value under "/Adaptors/Adaptor 
#/(In)Active Configuration/Control Unit x##/Logical Units" providing the new value 
along with the path to the data name. 

roil 81 Host DLL 

[01191 2. Assigns the specified data of the adaptor, indexed to the specified CU and 
Logical Unit, to the provided value. 

[01201 3. Saves the data to non- volatile storage through SA. 

[012114. If the chan ge was to an emulated devices Name then, if that emulated devices is 
currently in use by a user per the emulated devices In-Use flag, use the emulated devices 
Client value to locate the client object then issue that client a message indicating the new 
emulated devices name. 

[01221 5. If the change was to an emulated devices Groups then, if that emulated devices 
is currently in use by a user per the emulated devices In-Use flag, use the emulated 
devices Client value to locate the client object and revalidate the client's authority exactly 



as is in accordance with Client Connection discussion. If the client no longer has the 
authority to access the device then send him a message to that effect and perform Client 
Disconnection processing, 

r0123] Administration of Adaptor Configuration Data: Data Assignment of a 
/Adaptors/Adaptor #/(In)Active Configuration/Control Unit x##/Assignments value: 

[0124] 1 . Administrator requests an assignment of any modifiable value under 
"/Adaptors/Adaptor #/(In)Active Configuration/Control Unit x##/Assignments", 
providing the new value along with the path to the data name. 

T01251 Host DLL 

T01261 2. Ensures that every Logical Unit Base and Logical Unit Count is within the 
ranges established (and published) as acceptable to the adaptors and IBM mainframe 
computers. If not then reject the change 

("0127] 3. Assigns the specified data of the adaptor, indexed to the specified CU, to the 
provided value. 

r0128] 4. Saves the data to non-volatile storage through SA, 

r0129] Administration of Adaptor Configuration Data: Admin checked 

/Adaptors/ Adaptor #/Configuration Control/Check this then click save to activate the 

inactive config 

f0130] 1. Administrator requests to activate the inactive configuration of the specified 
adaptor. 

r01311Host DLL 

f0132] 2. Uses the configuration datas for the specified adaptor. 

T01331 3. Indicates that the adaptor is unavailable for use by clients. 

f0 1 341 4. For each client currently connected to an emulated devices on this adaptor: 

r01351 A. Issue a message to the client indicating that they are being disconnected due to 
administrator device management. 

rOl 36] B. Perform Client Disconnection. 

101371 5. Exchanges the contents of the active configuration with that of the inactive 
configuration. 

f0 1381 6. Saves the configurations to non-volatile storage through SA. 



T01391 7. Performs Adaptor Configuration Load. 

rOl 40] Administration of Adaptor Configuration Data: Admin checked 
/Adaptors/ Adaptor #/Configuration Control/Check this then click save to copy the 
inactive config to the inactive 

[0141] 1. Administrator requests to copy the active configuration to the inactive 
configuration of the specified adaptor. 

T01421 Host DLL 

[0143] 2. Uses the configuration datas for the specified adaptor. 

10 1441 3. Copies the contents of the active configuration into the inactive configuration. 

T01451 4. Saves the inactive configuration to non-volatile storage through SA. 

[0146] Administration of Adaptor Configuration Data: Admin checked 
/Adaptors/Adaptor #/Configuration Control/Check then then click save to purge the 
inactive config 

[0147] 1 . Administrator requests to purge the inactive configuration of the specified 
adaptor. 

T01481 Host DLL 

[0149] 2. Uses the inactive configuration data for the specified adaptor. 

f0150] 3. Clear it out to default values as does Start Server when a configuration doesn't 
exist. In summary, all of the CUTypes are assigned to 7412 and everything else is 
assigned to 0. 

[0151] 4. Saves the inactive configuration to non-volatile storage through SA. 

rOl 521 Administration of Adaptor Configuration Data: Admin checked 
/Adaptors/ Adaptor #/Con figuration Control/Check this then click save to POR the 
adaptor 

|"01 531 Administrator requests to perform a Power On Reset (POR, or an offline/online 
recycle) of the specified adaptor. 

[0154] Host DLL performs Adaptor Configuration Load for the specified adaptor. 

[0155] Administration of Adaptor Configuration Data: Admin checked 
/Adaptors/Adaptor #/Configuration Control/Force adaptor offline 



[0156] Administrator 

[0157] 1 . Requests a change to the flag that controls whether or not the adaptor is to be 
forced offline to the mainframe to which it is connected. 

[01581 Host DLL 

[0159] 2. Assigns the supplied setting to the data for the specified adaptor. 
[0160] 3. Saves the value to non-volatile stored through SA. 
[0161] 4. Performs Adaptor Configuration Load. 

[0162] While this invention has been described to illustrative embodiments, this 
description is not to be construed in a limiting sense. Various modifications and 
combinations of the illustrative embodiments as well as other embodiments will be 
apparent to those skilled in the art upon referencing this disclosure. It is therefore 
intended that this disclosure encompass any such modifications or embodiments. 

[0163] It will be apparent to those skilled in the art that various modifications and 
variations can be made in the construction, configuration, and/or operation of the present 
invention without departing from the scope or spirit of the invention. For example, in the 
embodiments mentioned above, variations in the materials used to make each element of 
the invention may vary without departing from the scope of the invention. Thus, it is 
intended that the present invention cover the modifications and variations of the invention 
provided they come within the scope of the appended claims and their equivalents. 



